Intrusion Detection Systems (IDS) are used to help defend domains by sitting on network choke points and recording all inbound and outbound packet traffic. These well-positioned tools have always been thought of as a defense weapon against cyber crime. But a tool has no say in how it is used. Passive mapping is a technique of listening to a choke point in the network and using the data to map a network. IDS naturally can perform this function. Passive mapping differs from active mapping where the software sends packets out and listens to the response to determine a network layout. NMAP is an active mapping piece of software. The Air Force was looking into passive mapping techniques some time ago but nothing seemed to happen with it. What are the advantages of passive mapping over that of active mapping that someone would spend research money on it? There are three discriminators between active and passive techniques: low uptime discovery, unusual port discovery and loss of illumination.
Did you find this white paper useful?
19 out of 50 users found this white paper useful
Related white papers
UPS Security Technology Group Uses Web-Based Technology to Produce ID Cards, Saving Local Departments From Purchasing Expensive Systems
In the immediate days after 9/11, UPS drivers were being denied entry into military installations and government buildings and faced increased delivery delays due to heightened security approvals and escorts....
The MyDoom Worm
An e-mail worm continued to clog Internet traffic this week, spreading faster than previous Web bugs by appearing as an innocuous error message. The worm - dubbed "MyDoom," "Novarg" or...
Cross Site Scripting Explained
This white paper briefs on how to stop Cross Site Scripting (CSS) attacks. It details the entire CSS technique and methods for securing a site against CSS attacks.
Attacks and Countermeasures: A Study of Network Attack Classes and Security Components to Protect Against Them
There are many types of network attacks, and security solutions to address almost all of them. Most attack types fall into three major categories: attacks on integrity, attacks on confidentiality...
Trojan Defence: A Forensic View
The Trojan defence; “I didn’t do it, someone else did”– myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward...
Gene Kim Presents "Surviving and Benefiting from an Audit" with Craig Morgan, Partner KPMG
An audit is a necessary and often painful event for many companies. As difficult as it is to imagine, it is possible to benefit from an audit. By understanding the...
Wireless worries: Unauthorized hot spots and rogue warriors
Many businesses and educational institutions have their own wireless networks-- but are often faced with policing rogue wireless hot spots brought in by employees or students. The rogue hot spots...
